I think what aweSEC might be trying to tell you is that its more common to find a misconfiguration that leads to privilege escalation than a local privilege escalation exploit from a site like exploit-db.com.